Service Packs and Hotfixes

In a perfect world, you wouldn't need service packs or hotfixes. Software would run flawlessly from the minute you installed it. But we don't live in a perfect world, and vendors often find glitches after they release software.

Microsoft releases service packs when enough problems arise to warrant a bundled release of software corrections or enhancements. Service packs upgrade Windows NT Workstation and NT Server. Microsoft distributes updates with its Microsoft Developer Network (MSDN) enterprise or via universal subscriptions, or you can order updates on CD-ROM. You can also download updates from Microsoft's NT Server Web site.

Service packs are language and platform specific. To find the correct version, look in the subdirectory below the native language for the server or workstation you want to update. The last letter of the filename is i for Intel or a for Alpha (e.g., nt4sp3_i.exe or nt4sp3_a.exe). Service packs are self-extracting files, so you double-click the filename to extract the files to your hard disk. To expand a service pack without applying it, you create a directory, open a command prompt, and enter the filename followed by /x (i.e., nt4sp3_i /x). To apply the service pack, run update.exe.

Service packs are cumulative. Thus, Service Pack 3 (SP3) for NT 4.0 contains the corrections from Service Pack 1 (SP1) and Service Pack 2 (SP2). You must reapply service packs if you load a new operating system (OS) component (e.g., driver, protocol, service) from the original media, because the service-pack fixes might supersede the original code.

Upgrading a component such as Internet Explorer (IE) 3.02 to IE 4.01 is complicated. As in other upgrades, you must reapply the service pack after you load the software from the original media. However, IE 4.01 has more recent versions of certain files than SP3 has. The service-pack update procedure displays a dialog box informing you that you have already installed a more recent version of the file. You must determine whether to overwrite or keep the newer file.

BackOffice products also have service packs. You do not have to reapply SP3 after you load a service pack for Exchange or SQL Server, because BackOffice products seldom modify NT components. If a BackOffice service pack replaces an NT component, you do not want to overwrite the new version with an older file.

Hotfix Headaches
Microsoft originally planned to issue service packs as quarterly updates to NT but has not been able to keep this schedule. Microsoft released SP3 in September 1997. Between service-pack releases, Microsoft issues individual corrections known as hotfixes. Like service packs, hotfixes are language and platform specific. Hotfixes also follow the same naming conventions as service packs: i for Intel and a for Alpha. You find hotfixes in a subdirectory of the server's or workstation's native language. You can download hotfixes from http://www.microsoft.com/ntserver. Click Downloads, and scroll down to Service Packs & Updates. You can FTP hotfixes from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes. Downloads are sometimes faster at the FTP mirror site ftp://198.105.232.37/fixes.

Two years ago, Microsoft released few hotfixes. Since SP3, Microsoft has released more than 40 hotfixes, as Table 1 shows. Microsoft's Web site documents each hotfix in a Support Online article, which the hotfix directory typically includes.

Sorting through hotfix documentation is a headache for administrators who have only one or two servers. If you support hundreds of workstations and servers, keeping track of which hotfixes you applied to which servers is a nightmare. In addition, you can encounter several problems with hotfixes.

Microsoft does not always thoroughly test hotfixes before releasing them. If a problem arises after release, Microsoft pulls the hotfix, corrects the problem, and rereleases the hotfix. Microsoft typically places the superseded version in an archive directory.

Installation of multiple hotfixes is order dependent.

Some hotfixes are embedded in other hotfixes. To avoid problems, scan the text file (e.g., postsp3.txt) to verify that you have not already installed the hotfix.

If multiple hotfixes replace a file, you must remove the hotfixes in reverse order (from most recent to oldest) to return your system to its original state.

Sometimes the directory containing the hotfix you need is empty.

You must reinstall hotfixes after you reapply a service pack.

Microsoft does not publish a schedule of upcoming corrections.

Installing, Listing, and Removing Hotfixes
To install, list, or remove hotfixes, use Microsoft's hotfix.exe utility (for the most recent release of this utility, go to ftp://
ftp.microsoft.com/bussys/utilities/hotfix). Select the version for your platform (hotfixi.exe or hotfixa.exe). Hotfix.exe reads the .inf file associated with the hotfix you want to apply or remove to determine what changes to make to your system. Table 2 shows the utility's command switches.

To expand the files in a hotfix, double-click the file icon or enter the filename at a command prompt. As with service packs, you can add /x to the hotfix filename to expand hotfixes before you install them (e.g., y2kfix.exe /x). You must enter a directory in which to expand the files. This method lets you see which files a hotfix will modify, and you can verify whether a correction is contained in multiple hotfixes. To install an expanded hotfix, double-click hotfix.exe, or enter

hotfix.exe

at a command prompt. The hotfix.inf file contains installation instructions. To remove a hotfix, open a command window and enter the hotfix filename followed by /y (e.g., y2kfix.exe /y).

When you install a hotfix, the system creates uninstall information in a hidden folder in the system root. This file is $NtUninstall$ (e.g., $NtUnistallQ175093$). The system also creates a Registry key for each fix in the path HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Hotfix, as Screen 1 shows. You can use a Registry editor to verify which hotfixes are installed on an NT system. Alternatively, you can use the /l (list) switch on the hotfix command to read the hotfix Registry keys and report them back in a pop-up dialog box.

Service Pack 4
Microsoft has repeatedly delayed releasing Service Pack 4 (SP4) for NT 4.0, but SP4 promises to be worth the wait. Microsoft is thoroughly beta testing SP4. As with all service packs after SP1, SP4 contains previous service-pack fixes. SP1 contains 9 fixes; SP2 contains more than 140 additional fixes; SP3 contains more than 180 additional fixes; and SP4 contains more than 360 fixes.

SP4 includes remote procedure call (RPC) enhancements for Visual Basic (VB) that introduce a user data type (UDT) for Access databases. A Visual Studio (VS) update includes a new Analyzer Events feature that provides a graphical view of high-level behaviors and associated solutions using event logs, system performance, performance monitoring, and other system data.

Microsoft is introducing a new version of the Telephony API (TAPI). However, TAPI 2.1 has several problems. You can't pass encrypted data between the client and the server. In addition, incompatibilities exist between US Robotics ISDN adapters. Microsoft's recommendation for this problem is that you don't install TAPI 2.1 on computers that use US Robotics ISDN adapters.

The SP4 beta includes an interim build of the Web-Based Enterprise Management (WBEM) software development kit (SDK) beta 2 software. WBEM is a means of managing cross-platform networks via a Web interface. Microsoft has not stated whether it will include the new WBEM version in the final SP4 release. (For information about WBEM technology, go to http://wbem.freerange.com.)

Protocol updates. SP4 includes a distributed component object model (DCOM) update that lets you use a standard HTTP and port to traverse firewalls. According to the documentation, the update introduces a new protocol, Tunneling TCP/IP, that works like other DCOM protocols. This new protocol promises increased performance, improved client-access control, and easy management via existing firewall rules for HTTP traffic.

Most TCP/IP network traffic occurs in a unicast fashion: The system sends a copy of outbound data to each client that requests it. When you use a multicast method, the system sends only one copy of the data to clients that request the data. Multicasting minimizes bandwidth usage when you deploy multimedia applications.

Multicasting places users in groups and sends packets of information to the groups that request it. When a client joins a group that receives multicast information, the Internet Group Management Protocol (IGMP) adds the client to the list for multicast data. SP4 contains an update for IGMP 2.0 that lets a router determine when group membership is zero. The protocol uses this feature to stop forwarding multicast packets if no clients belong to the group receiving the data.

You might have problems establishing a Domain Name System (DNS) service on a firewall-protected network. Many firewall configurations disallow inbound traffic to DNS port 53. Thus, you experience problems trying to receive a response destined for that port. SP4 lets you change the DNS server port you use to make outbound connections and thus eliminate the DNS server problem.

SP4 includes an update to the Routing Information Protocol (RIP) listener. No details about the update were available at press time.

NT includes file and print services for NetWare, which lets NT act as a NetWare 3.x server and process file and print requests from NetWare clients without changing or updating the NetWare client software. SP4 includes an update that introduces support for NetWare's Client32 software.

Microsoft Office currency updates. Office 95 and Office 97 support the euro character, a symbol for the new Eurodollar European Union common currency. But according to Microsoft, application support is not enough for the euro character to function. NT must support the euro character in order for applications to also support it. In addition, printers might require font updates to print the character. SP4 includes a euro currency symbol; supporting keyboard drivers; and new core fonts such as Arial, Courier New, and Times New Roman. For more information about the euro symbol and Microsoft support, go to http://www.microsoft.com/ officefreestuff/000/office/documents/euro.htm.

NT 4.0 Option Pack updates. Microsoft no longer includes new add-on service software in service packs. The company now distributes add-on services in Option Packs. Microsoft has released one NT 4.0 Option Pack. SP4 introduces fixes for some services in this Option Pack. Microsoft has updated Certificate Server to include fixes for Teletex encoding, X.509-compliant serial-number generation, and backup functions for elements such as keys and certificates.

Internet Information Server (IIS) 4.0 fixes include support of long filenames for security restrictions on files and directories, and improved logging and caching of performance information.

The updated Microsoft Transaction Server (MTS) includes a new Java context class that lets developers use Visual J++ to eliminate the IObjectContext interface. The new context class lets you report that an object's work is done, temporarily or permanently prevent the system from processing a transaction, determine whether security is enabled, create a new instance of other MTS objects and include their work in the current object's transaction, and determine whether the object is executing within a transaction.

Option Pack updates include enhancements for Simple Mail Transport Protocol (SMTP) and Network News Transport Protocol (NNTP). SMTP now supports multiple virtual servers and the ETRN command for dequeueing mail over dial-up links. No information about NNTP enhancements was available at press time.

Security updates. Microsoft's Active Directory (AD) has several group policy updates. SP4 introduces group policies for directories, letting administrators define and control the state of computers and users via groups that are associated at various directory levels, including domains, sites, and organizational units (OUs). The system maintains group policies after you establish them.

SP4 includes the new proquota.exe utility. Proquota.exe monitors the sizes of user profiles and ensures that you don't exceed a predetermined file size limit. Users whose files are too large cannot log off until they reduce the file size.

Miscellaneous updates. SP4 includes Year 2000 (Y2K)-compliance updates for several NT components. MS Word will support four-digit dates and will recognize the years 1900 and 2000 as centuries. In addition, User Manager, the Find Files feature, the Date/Time applet in Control Panel, and the Dynamic Host Configuration Protocol (DHCP) administrator program are updated for Y2K compliance. (For information about troubleshooting Y2K problems, see Paula Sharick, "Y2K and Microsoft," page 155.)

SP4 includes IE 4.01 and support for Compaq's Fiber Storage Devices and PCI and EISA bus Fibre Channel Host Controllers. SP4 includes printing enhancements to provide better Z-ordering and dithering for printing text and graphics. Finally, SP4 includes an updated version of ntfs.sys that can access NT 5.0 file systems, with some limitations.

Recommendations
SP4's release seems imminent. However, Microsoft's track record might spur you to install SP3's hotfixes while you wait. Before you load a new service pack on your NT system, update your Emergency Repair Disk (ERD) with the Rdisk utility. To ensure you have a current copy of the account and security databases, run this utility from a command prompt with /s.

Always read a new service pack's readme.txt file. This file contains important notices, warnings, and instructions.